Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2013-3060
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
| Software | From | Fixed in |
|---|---|---|
| apache / activemq | 5.3.0 | 5.3.0.x |
| apache / activemq | 4.1.0 | 4.1.0.x |
| apache / activemq | 5.4.0 | 5.4.0.x |
| apache / activemq | 5.5.1 | 5.5.1.x |
| apache / activemq | 5.4.1 | 5.4.1.x |
| apache / activemq | 5.3.1 | 5.3.1.x |
| apache / activemq | 5.2.0 | 5.2.0.x |
| apache / activemq | 5.0.0 | 5.0.0.x |
| apache / activemq | 4.0 | 4.0.x |
| apache / activemq | 4.0.2 | 4.0.2.x |
| apache / activemq | - | 5.7.0.x |
| apache / activemq | 4.0.1 | 4.0.1.x |
| apache / activemq | 5.1.0 | 5.1.0.x |
| apache / activemq | 5.5.0 | 5.5.0.x |
| apache / activemq | 4.0-rc2 | 4.0-rc2.x |
| apache / activemq | 5.3.2 | 5.3.2.x |
| apache / activemq | 4.1.1 | 4.1.1.x |
| apache / activemq | 4.0-m4 | 4.0-m4.x |
| apache / activemq | 5.6.0 | 5.6.0.x |
| apache / activemq | 5.4.2 | 5.4.2.x |
org.apache.activemq / activemq-client
|
- | 5.8.0 |
- http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html
- http://activemq.apache.org/activemq-580-release.html
- http://rhn.redhat.com/errata/RHSA-2013-1029.html
- http://rhn.redhat.com/errata/RHSA-2013-1221.html
- http://www.securityfocus.com/bid/59402
- https://fisheye6.atlassian.com/changelog/activemq?cs=1404998
- https://issues.apache.org/jira/browse/AMQ-4124
- https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282